To verify the rules are deployed on a host and applied to the virtual machine's vNIC, we will need to use the command-line interface. This recipe will show you how to validate DFW rules from both the ESXi host that is prepared for NSX and the NSX manager.
To use the command line for validating DFW rules, make sure you have the following:
- Access to the NSX manager shell through the VM console or SSH; the default user is admin
- Access to the ESXi host shell through the ESXi console, DCUI, or SSH; the default user is root
We are interested in the vNIC filter name that the VM uses or attached and we will verify the rules that are applied to that filter name. The filter naming should be nic-#####-eth#-vmware-sfw.2
.